Edit

Share via

Deploy updates for Microsoft Defender for Endpoint on Linux

  • Article

Applies to:

Want to experience Defender for Endpoint? Sign up for a free trial.

Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.

Warning

Each version of Defender for Endpoint on Linux is set to expire automatically after 9 months. While expired versions continue to receive security intelligence updates, install the latest version to get all available fixes and enhancements. To check the expiration date, run the following command:

mdatp health --field product_expiration

Expired clients report a health issue and warning message when you run the following command:

mdatp health

Indicators of an expired client include the message, "ATTENTION: No license found. Contact your administrator for help." with the following attributes:

ATTENTION: No license found. Contact your administrator for help.
healthy                                     : false
health_issues                               : ["missing license"]
licensed                                    : false

Defender for Endpoint capabilities that are generally available are equivalent, regardless of which update channel is used for deployment (Beta (Insider), Preview (External), Current (Production)).

To update Defender for Endpoint on Linux manually, run one of the following commands:

RHEL and variants (CentOS and Oracle Linux)

sudo yum update mdatp

SLES and variants

sudo zypper update mdatp

Ubuntu and Debian systems

sudo apt-get install --only-upgrade mdatp

Important

When Defender for Cloud is provisioning the Microsoft Defender for Endpoint agent to Linux servers, it keeps the client updated automatically.

To schedule an update of Microsoft Defender for Endpoint on Linux, see Schedule an update of the Microsoft Defender for Endpoint (Linux)

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.